Veritas NetBackup (Application) | Scan Requirements

Preparation for Scanning Veritas NetBackup

StorageGuard collects configuration data from Veritas NetBackup environment by opening an HTTPS connection to the Veritas NetBackup master server and running read-only Management Rest API calls. In case of NetBackup Flex appliance, please review also Veritas NetBackup Flex Appliance | Scan Requirements – Help Center | Continuity Software.

The following table lists the requirements for scanning Veritas NetBackup:

NOTES:

• StorageGuard support scanning NetBackup releases 8.1 and above.
• In case NetBackup Flex Appliance is used, it is highly recommended to scan both the NetBackup Application and the NetBackup Appliance - Refer to Veritas NetBackup Flex Appliance | Scan Requirements – Help Center | Continuity Software for more information.
• Optional: When a Linux-based NetBackup server is used, it's recommended to also enable StorageGuard to scan the NetBackup host or server instance. This requires SSH access and an OS user account. Refer to Storage Management host | Scan Requirements for more information.

Creating a User Account for Scanning Veritas NetBackup

The following suggested method can be used to create a user account with appropriate privileges:

• Log in to NetBackup Web UI as a user with administrative privileges.
• Create a user:
  • Navigate to Security > Users > Click + Add
  • Enter username, assign password, and proceed.
• Create a Custom Role with Read-Only Permissions:
  • Navigate to Security > RBAC > Roles > Click + Add to create a new role
  • Provide a role name and description (e.g., StorageGuard ReadOnly Role)
  • Under Permissions, select Assign.
  • Expand Global Permissions and check the "View" box for all subcategories.
  • Expand Protection Plans and check the "View" box for all subcategories.
  • Expand Assets and check the "View" box for all subcategories.
  • Under Users, select Assign

List of namespaces, categories and objects:

• Global Permissions
  • NetBackup Management
    • View Access Hosts
    • View Agentless Hosts
    • View Host Properties
    • View Media Servers
    • View NetBackup Hosts
    • View NetBackup Backup Images
    • View Jobs
    • View Resource Limits
    • View Servers > Trusted Primary Servers
    • View Event Logs
    • View Event Log Messages
    • View Event Log Notifications
    • View Server Groups
    • View WSSEndpoints
    • View Licensing
    • View Email Notifications
    • View Host Mappings
    • View CDP Gateway
    • View Retention levels
    • View Anomalies
    • View Data classifications
    • View Cloud Images
    • View Remote Primary Server CA
    • View Resiliency
    • View Cloud providers
    • View Amazon Web Services (AWS) configurations
    • View Microsoft Azure Stack Hub configurations
    • View Microsoft Azure configurations
    • View Google Cloud Platform (GCP) configurations
    • View CloudPoint servers
    • View WebSocket servers
    • View Snapshot Management Server
    • View Snapshot Management Server Plugins
    • View Scan Hosts
    • View Scan Host Pools
    • View Malware Tools
    • Malware - View scan results
  • Storage
    • View Cloud Storage
    • View Disk Pools
    • View Storage Servers
    • View Storage Servers – Replication Targets (Replication-capable target storage servers)
    • View Storage Servers – Universal Shares
    • View Storage Units
    • View Storage Units – Replication Targets
    • View Target Storage Servers
    • View Disk Volumes
    • View Tape Devices
    • View Tape Media, Tape Media Server Groups, Tape Media Volume Pools
    • View Workloads
    • View Protection Plans
• Protection
  • View Policies
  • View Storage Lifecycle Policies (SLPs)
  • View SLP-Windows
• Assets
  • View Dynamic NAS
  • View MS-Windows
  • Universal Shares – Instant Access Permission (Optional)
  • View Image Share → Cloud Images
  • View AHV clusters, VMs, and storage containers + view restore targets
  • View AHV intelligent VM groups
  • View cloud assets + View restore targets
  • View Kubernetes assets + View restore targets, view jobs
  • View SQL Server assets
  • View OpenStack servers
  • View RHV assets + view retore targets, view jobs
  • View Vmware assets + view retore targets, view jobs
• Security
  • View Access Control, Roles, Users
  • View Security events
  • View Identity provider configuration
  • View Key Management Service
  • View Security properties
  • View Trust Versions
  • Certificate Management
    • View certificate authorities
    • View External certificates
    • View NetBackup Certificates
    • View Hosts (for Migrate CA)
  • View Audit Logs
  • View MPA Config
  • View Settings
• BMR
  • View Boot servers
  • View Clients

Refer to Veritas NetBackup Security Administrator's Guide – Add a Custom Role for detailed steps and explanations.

• Add a custom RBAC role | Managing role-based access control | Section VI. Managing security | NetBackup™ Web UI Administrator's Guide | Veritas™
• About role permissions | RBAC permissions | Section I. Managing role-based access control | NetBackup™ Web UI Administrator's Guide | Veritas™